Lucene search
K
MetasploitMost viewed

6848 matches found

Metasploit
Metasploit
•added 2011/08/21 11:40 p.m.•44 views

BNAT Router

This module will properly route BNAT traffic and allow for connections to be established to machines on ports which might not otherwise be accessible. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2011/08/11 6:18 p.m.•44 views

Windows Gather Credential Collector

This module harvests credentials found on the host and stores them in the database. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather Credential Collector', 'Description' = %q This...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2011/07/09 1:40 a.m.•44 views

Blue Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow

This module exploits a stack buffer overflow in process bcaaa-130.exe port 16102, which comes as part of the Blue Coat Authentication proxy. Please note that by default, this exploit will attempt up to three times in order to successfully gain remote code execution in some cases, it takes as many...

10CVSS8.3AI score0.54648EPSS
Exploits1
Metasploit
Metasploit
•added 2011/06/21 2:51 a.m.•44 views

Black Ice Cover Page ActiveX Control Arbitrary File Download

This module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control BIImgFrm.ocx 12.0.0.0. Code execution can be achieved by first uploading the payload to the remote machine, and then uploa...

9.3CVSS8.1AI score0.34761EPSS
Exploits7
Metasploit
Metasploit
•added 2011/02/26 5:56 a.m.•44 views

Windows Escalate Locked Desktop Unlocker

This module unlocks a locked Windows desktop by patching the respective code inside the LSASS.exe process. This patching process can result in the target system hanging or even rebooting, so be careful when using this module on production systems. This module requires Metasploit:...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2010/11/11 10:25 p.m.•44 views

IPv6 Local Neighbor Discovery

Enumerate local IPv6 hosts which respond to Neighbor Solicitations with a link-local address. Note, that like ARP scanning, this usually cannot be performed beyond the local broadcast network. This module requires Metasploit: https://metasploit.com/download Current source:...

7AI score
Exploits0
Metasploit
Metasploit
•added 2010/08/21 6:38 a.m.•44 views

Java Statement.invoke() Trusted Method Chain Privilege Escalation

This module exploits a vulnerability in Java Runtime Environment that allows an untrusted method to run in a privileged context. The vulnerability affects version 6 prior to update 19 and version 5 prior to update 23. This module requires Metasploit: https://metasploit.com/download Current source...

9.8CVSS1AI score0.96166EPSS
Exploits5
Metasploit
Metasploit
•added 2010/06/21 4:53 p.m.•44 views

JBoss Vulnerability Scanner

This module scans a JBoss instance for a few vulnerabilities. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Vulnerability Scanner', 'Description' = %q This module scans a JBoss instance...

9.8CVSS0.1AI score0.90713EPSS
Exploits47
Metasploit
Metasploit
•added 2010/03/24 7:35 p.m.•44 views

UltraISO CCD File Parsing Buffer Overflow

This module exploits a stack-based buffer overflow in EZB Systems, Inc's UltraISO. When processing .CCD files, data is read from file into a fixed-size stack buffer. Since no bounds checking is done, a buffer overflow can occur. Attackers can execute arbitrary code by convincing their victim to...

9.3CVSS0.2AI score0.4267EPSS
Exploits3
Metasploit
Metasploit
•added 2009/07/28 1:43 p.m.•44 views

Oracle DB SQL Injection via SYS.LT.ROLLBACKWORKSPACE

This module exploits a sql injection flaw in the ROLLBACKWORKSPACE procedure of the PL/SQL package SYS.LT. Any user with execute privilege on the vulnerable package can exploit this vulnerability. This module requires Metasploit: https://metasploit.com/download Current source:...

5.5CVSS0.8AI score0.17865EPSS
Exploits3
Metasploit
Metasploit
•added 2009/07/26 11:8 p.m.•44 views

PHP Executable Download and Execute

Download an EXE from an HTTP URL and execute it This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Php include Msf::Payload::Single def initializeinfo =...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2006/12/02 7:48 p.m.•44 views

Veritas Backup Exec Server Registry Access

This modules exploits a remote registry access flaw in the BackupExec Windows Server RPC service. This vulnerability was discovered by Pedram Amini and is based on the NDR stub information posted to openrce.org. Please see the action list for the different attack modes. This module requires...

10CVSS0.54155EPSS
Exploits2
Metasploit
Metasploit
•added 2006/09/27 3:23 a.m.•44 views

MaxDB WebDBM Database Parameter Overflow

This module exploits a stack buffer overflow in the MaxDB WebDBM service. By sending a specially-crafted HTTP request that contains an overly long database name. A remote attacker could overflow a buffer and execute arbitrary code on the system with privileges of the wahttp process. This module h...

10CVSS8.7AI score0.70468EPSS
Exploits7
Metasploit
Metasploit
•added 2006/01/15 9:13 p.m.•44 views

Unix Command Shell, Bind TCP (inetd)

Listen for a connection and spawn a command shell persistent This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 487 include Msf::Payload::Single include...

7.5AI score
Exploits0
Metasploit
Metasploit
•added 2021/09/20 5:41 p.m.•43 views

Jira Users Enumeration

This module exploits an information disclosure vulnerability that allows an unauthenticated user to enumerate users in the /ViewUserHover.jspa endpoint. This only affects Jira versions use auxiliary/scanner/http/jirauserenum msf auxiliaryjirauserenum show actions ...actions... msf...

5.3CVSS6.2AI score0.99603EPSS
Exploits8
Metasploit
Metasploit
•added 2020/07/29 5:41 p.m.•43 views

Baldr Botnet Panel Shell Upload Exploit

This module exploits an arbitrary file upload vulnerability within the Baldr stealer malware control panel when uploading victim log files which are uploaded as ZIP files. Attackers can turn this vulnerability into an RCE by first registering a new bot to the panel and then uploading a ZIP file...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2020/03/04 4:2 a.m.•43 views

Install Python for Windows

This module places an embeddable Python3 distribution onto the target file system, granting pentesters access to a lightweight Python interpreter. This module does not require administrative privileges or user interaction with installation prompts. This module requires Metasploit:...

0.2AI score
Exploits0
Metasploit
Metasploit
•added 2020/01/09 1:3 p.m.•43 views

Barco WePresent file_transfer.cgi Command Injection

This module exploits an unauthenticated remote command injection vulnerability found in Barco WePresent and related OEM'ed products. The vulnerability is triggered via an HTTP POST request to the filetransfer.cgi endpoint. This module requires Metasploit: https://metasploit.com/download Current...

9.8CVSS0.3AI score0.98952EPSS
Exploits10
Metasploit
Metasploit
•added 2019/11/01 8:11 p.m.•43 views

FusionPBX Operator Panel exec.php Command Execution

This module exploits an authenticated command injection vulnerability in FusionPBX versions 4.4.3 and prior. The exec.php file within the Operator Panel permits users with operatorpanelview permissions, or administrator permissions, to execute arbitrary commands as the web server user by sending ...

8.8CVSS0.6AI score0.8748EPSS
Exploits9
Metasploit
Metasploit
•added 2019/10/21 4:11 p.m.•43 views

Nostromo Directory Traversal Remote Command Execution

This module exploits a remote command execution vulnerability in Nostromo 'Nostromo Directory Traversal Remote Command Execution', 'Description' = %q This module exploits a remote command execution vulnerability in Nostromo 'Quentin Kaiser ', metasploit module 'sp0re', original public exploit ,...

9.8CVSS10AI score0.99057EPSS
Exploits24
Metasploit
Metasploit
•added 2019/03/27 9:23 a.m.•43 views

AIS logistics ESEL-Server Unauth SQL Injection RCE

This module will execute an arbitrary payload on an "ESEL" server used by the AIS logistic software. The server typically listens on port 5099 without TLS. There could also be server listening on 5100 with TLS but the port 5099 is usually always open. The login process is vulnerable to an SQL...

9.8CVSS9.9AI score0.6585EPSS
Exploits5
Metasploit
Metasploit
•added 2019/01/16 12:16 a.m.•43 views

Unitronics PCOM Client

Unitronics Vision PLCs allow unauthenticated PCOM commands to query PLC registers. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitronics PCOM Client', 'Description' = %q Unitronics Vision...

0.6AI score
Exploits0
Metasploit
Metasploit
•added 2018/10/20 6:15 p.m.•43 views

Morris Worm sendmail Debug Mode Shell Escape

This module exploits sendmail's well-known historical debug mode to escape to a shell and execute commands in the SMTP RCPT TO command. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. Currently, only...

0.3AI score
Exploits0
Metasploit
Metasploit
•added 2018/10/10 9:39 a.m.•43 views

Apple_iOS Meterpreter, Reverse HTTP Inline

Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 643824 include...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2018/09/28 4:0 p.m.•43 views

Windows Gather PureVPN Client Credential Collector

Finds the password stored for the PureVPN Client. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather PureVPN Client Credential Collector', 'Description' = %q Finds the password stor...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2018/06/09 6:13 a.m.•43 views

WebKitGTK+ WebKitFaviconDatabase DoS

This module exploits a vulnerability in WebKitFaviconDatabase when pageURL is unset. If successful, it could lead to application crash, resulting in denial of service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

7.5CVSS7.5AI score0.69016EPSS
Exploits10
Metasploit
Metasploit
•added 2018/02/28 4:24 a.m.•43 views

Memcached Stats Amplification Scanner

This module can be used to discover Memcached servers which expose the unrestricted UDP port 11211. A basic "stats" request is executed to check if an amplification attack is possible against a third party. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS7.2AI score0.8864EPSS
Exploits3
Metasploit
Metasploit
•added 2017/12/22 6:44 p.m.•43 views

Cambium ePMP 1000 'get_chart' Command Injection (v3.1-3.5-RC7)

This module exploits an OS Command Injection vulnerability in Cambium ePMP 1000 v3.1-3.5-RC7 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to execute arbitrary system commands. This module requires Metasploit:...

8.8CVSS0.8AI score0.74556EPSS
Exploits7
Metasploit
Metasploit
•added 2017/11/25 2:27 a.m.•43 views

Linux Meterpreter, Reverse HTTP Inline

Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1622448 include...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2017/11/25 2:27 a.m.•43 views

Linux Meterpreter, Reverse HTTPS Inline

Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1622448 include...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2017/11/15 3:40 p.m.•43 views

Polycom Shell HDX Series Traceroute Command Execution

Within Polycom command shell, a command execution flaw exists in lan traceroute, one of the dev commands, which allows for an attacker to execute arbitrary payloads with telnet or openssl. This module requires Metasploit: https://metasploit.com/download Current source:...

7.7AI score
Exploits0
Metasploit
Metasploit
•added 2017/10/30 7:4 p.m.•43 views

Linux Meterpreter, Reverse HTTP Inline

Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1166612 include...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2017/07/18 3:53 p.m.•43 views

OrientDB 2.2.x Remote Code Execution

This module leverages a privilege escalation on OrientDB to execute unsandboxed OS commands. All versions from 2.2.2 up to 2.2.22 should be vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

9.8CVSS1.6AI score0.73071EPSS
Exploits4
Metasploit
Metasploit
•added 2017/07/15 8:55 p.m.•43 views

Apache Struts 2 Struts 1 Plugin Showcase OGNL Code Execution

This module exploits a remote code execution vulnerability in the Struts Showcase app in the Struts 1 plugin example in Struts 2.3.x series. Remote Code Execution can be performed via a malicious field value. This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS8.2AI score0.98931EPSS
Exploits19
Metasploit
Metasploit
•added 2017/02/24 10:18 a.m.•43 views

Jboss Credential Collector

This module can be used to extract the Jboss admin passwords for version 4,5 and 6. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'nokogiri' class MetasploitModule 'Jboss Credential Collector', 'Description'...

7AI score
Exploits0
Metasploit
Metasploit
•added 2017/01/31 10:5 p.m.•43 views

Binom3 Web Management Login Scanner, Config and Password File Dump

This module scans for Binom3 Multifunctional Revenue Energy Meter and Power Quality Analyzer management login portals, and attempts to identify valid credentials. There are four 4 default accounts - 'root'/'root', 'admin'/'1', 'alg'/'1', 'user'/'1'. In addition to device config, 'root' user can...

9.8CVSS7.1AI score0.1261EPSS
Exploits2
Metasploit
Metasploit
•added 2017/01/12 5:49 p.m.•43 views

TrueOnline / ZyXEL P660HN-T v1 Router Unauthenticated Command Injection

TrueOnline is a major ISP in Thailand, and it distributes a customized version of the ZyXEL P660HN-T v1 router. This customized version has an unauthenticated command injection vulnerability in the remote log forwarding page. This module was tested in an emulated environment, as the author doesn'...

9.8CVSS7.8AI score0.94508EPSS
Exploits2
Metasploit
Metasploit
•added 2016/08/05 6:19 p.m.•43 views

DLL Side Loading Vulnerability in VMware Host Guest Client Redirector

A DLL side loading vulnerability was found in the VMware Host Guest Client Redirector, a component of VMware Tools. This issue can be exploited by luring a victim into opening a document from the attacker's share. An attacker can exploit this issue to execute arbitrary code with the privileges of...

7.8CVSS0.4AI score0.1802EPSS
Exploits5
Metasploit
Metasploit
•added 2016/06/28 7:28 a.m.•43 views

Ruby on Rails ActionPack Inline ERB Code Execution

This module exploits a remote code execution vulnerability in the inline request processor of the Ruby on Rails ActionPack component. This vulnerability allows an attacker to process ERB to the inline JSON processor, which is then rendered, permitting full RCE within the runtime, without logging ...

7.3CVSS1AI score0.81445EPSS
Exploits7
Metasploit
Metasploit
•added 2015/09/16 11:29 a.m.•43 views

Watchguard XCS Remote Command Execution

This module exploits two separate vulnerabilities found in the Watchguard XCS virtual appliance to gain command execution. By exploiting an unauthenticated SQL injection, a remote attacker may insert a valid web user into the appliance database, and get access to the web interface. On the other...

6.5CVSS8.3AI score0.57309EPSS
Exploits2
Metasploit
Metasploit
•added 2015/08/28 2:10 p.m.•43 views

Windows Gather Active Directory Groups

This module will enumerate AD groups on the specified domain. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather Active Directory Groups', 'Description' = %q This module will...

6.8AI score
Exploits0
Metasploit
Metasploit
•added 2015/05/25 12:41 p.m.•43 views

Android Screen Capture

This module takes a screenshot of the target phone. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android Screen Capture', 'Description' = %q This module takes a screenshot of the target phon...

Exploits0
Metasploit
Metasploit
•added 2014/12/27 9:3 p.m.•43 views

Windows Meterpreter (Reflective Injection), Hidden Bind Ipknock TCP Stager

Inject the Meterpreter server DLL via the Reflective Dll Injection payload staged. Requires Windows XP SP2 or newer. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping...

7.4AI score
Exploits0
Metasploit
Metasploit
•added 2014/10/17 4:25 p.m.•43 views

HTTP SSL/TLS Version Detection (POODLE scanner)

Check if an HTTP server supports a given version of SSL/TLS. If a web server can successfully establish an SSLv3 session, it is likely to be vulnerable to the POODLE attack described on October 14, 2014, as a patch against the attack is unlikely...

7AI score
Exploits0
Metasploit
Metasploit
•added 2014/04/27 3:40 p.m.•43 views

Adobe Flash Player Type Confusion Remote Code Execution

This module exploits a type confusion vulnerability found in the ActiveX component of Adobe Flash Player. This vulnerability was found exploited in the wild in November 2013. This module has been tested successfully on IE 6 to IE 10 with Flash 11.7, 11.8 and 11.9 prior to 11.9.900.170 over Window...

9.3CVSS0.2AI score0.72495EPSS
Exploits6
Metasploit
Metasploit
•added 2014/03/12 5:46 p.m.•43 views

Joomla weblinks-categories Unauthenticated SQL Injection Arbitrary File Read

Joomla versions 3.2.2 and below are vulnerable to an unauthenticated SQL injection which allows an attacker to access the database or read arbitrary files as the 'mysql' user. This module will only work if the mysql user Joomla is using to access the database has the LOADFILE permission. This...

8.4AI score
Exploits0
Metasploit
Metasploit
•added 2013/08/16 3:51 p.m.•43 views

Nexpose XXE Arbitrary File Read

Nexpose v5.7.2 and prior is vulnerable to a XML External Entity attack via a number of vectors. This vulnerability can allow an attacker to a craft special XML that could read arbitrary files from the filesystem. This module exploits the vulnerability via the XML API. This module requires...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2013/08/13 9:27 p.m.•43 views

Joomla Media Manager File Upload Vulnerability

This module exploits a vulnerability found in Joomla 2.5.x up to 2.5.13, as well as 3.x up to 3.1.4 versions. The vulnerability exists in the Media Manager component, which comes by default in Joomla, allowing arbitrary file uploads, and results in arbitrary code execution. The module has been...

6.8CVSS10AI score0.48191EPSS
Exploits5
Metasploit
Metasploit
•added 2013/08/11 11:19 p.m.•43 views

Open-FTPD 1.2 Arbitrary File Upload

This module exploits multiple vulnerabilities found in Open FTP server. The software contains an authentication bypass vulnerability and a arbitrary file upload vulnerability that allows a remote attacker to write arbitrary files to the file system as long as there is at least one user who has...

8.5AI score
Exploits0
Metasploit
Metasploit
•added 2013/04/05 5:56 p.m.•43 views

D-Link DIR-645 / DIR-815 diagnostic.php Command Execution

Some D-Link Routers are vulnerable to OS Command injection in the web interface. On DIR-645 versions prior 1.03 authentication isn't needed to exploit it. On version 1.03 authentication is needed in order to trigger the vulnerability, which has been fixed definitely on version 1.04. Other D-Link...

8.8CVSS9.3AI score0.42414EPSS
Exploits2
Total number of security vulnerabilities5000